Do not use win32k renderer lockdown if DirectWrite is disabled.

content/common/sandbox_win.cc

Index: content/common/sandbox_win.cc
diff --git a/content/common/sandbox_win.cc b/content/common/sandbox_win.cc
index a3882d0d1dd709d581f695f2c990e6ee18ab0bbb..c6f6140a34225052f7b5ee6f045d57bfa232c9c7 100644
--- a/content/common/sandbox_win.cc
+++ b/content/common/sandbox_win.cc
@@ -20,6 +20,7 @@
 #include "base/win/scoped_handle.h"
 #include "base/win/scoped_process_information.h"
 #include "base/win/windows_version.h"
+#include "content/common/content_switches_internal.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/sandbox_init.h"
@@ -620,9 +621,9 @@ base::Process StartSandboxedProcess(
                                          sandbox::MITIGATION_DEP_NO_ATL_THUNK |
                                          sandbox::MITIGATION_SEHOP;
 
-  if (base::win::GetVersion() >= base::win::VERSION_WIN8 &&
-      type_str == switches::kRendererProcess &&
-      switches::IsWin32kRendererLockdownEnabled()) {
+#if !defined(NACL_WIN64)
+  if (type_str == switches::kRendererProcess &&
+      IsWin32kRendererLockdownEnabled()) {
     if (policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN,
                         sandbox::TargetPolicy::FAKE_USER_GDI_INIT,
                         NULL) != sandbox::SBOX_ALL_OK) {
@@ -630,6 +631,7 @@ base::Process StartSandboxedProcess(
     }
     mitigations |= sandbox::MITIGATION_WIN32K_DISABLE;
   }
+#endif
 
   if (policy->SetProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK)
     return base::Process();